• Inviting everyone who uses WordPress management tools in Plesk
    The Plesk team is conducting a 60-minute research session that includes an interview and a moderated usability test.
    To participate, please use this link .
    Your experience will help shape product decisions and ensure the tools better support real-world use cases.

New vulnerability? (plesk 9.5.4)

Me too

Same thing to me . I had to change my plesk server toward 10.4.
I don't still find the way they hack the panel plesk account.
Take care, i just delete all infected files (.pl .cgi, disable perl and cgi, it has bee hacked one more time after a week...
 
Yes me too

Hello ;

I got the same thing , things i dont understand :

- Why PLESK create a file with (0 bytes ) with system user ( for suspended domains ) in /var/spool/cron ????

- Users have no privilege to create cron jobs, how can hackers create files with users names in /var/spool/cron ?

Thanks
 
You must log in or register to reply here.

Similar threads

T
Issue After moving subscription, users receive message "Your subscription was removed", Cannot create new webspace.
Replies
2
Views
3K
thespark
T
L
Migrate to Plesk on AWS from Plesk, cPanel or DirectAdmin
Replies
0
Views
6K
Lukas Hertig
L
V
Google PageSpeed Insights – How to optimize your site to rank higher
Replies
1
Views
6K
Andrew Roy
Andrew Roy
custer
Removing deadweight in Plesk Onyx
Replies
0
Views
12K
custer
custer
S
Critical Plesk vulnerability
Replies
6
Views
7K
IgorG
IgorG
Back
Top